Configure a Mesh Global Control Plane with the Kubernetes demo app

Using Mesh Manager, you can create Kong Mesh global control planes to manage your Kong Konnect mesh services. This guide explains how to configure a global control plane with Kong Mesh, then install the Kubernetes demo app so you can start interfacing with Kong Mesh in Kong Konnect.

Prerequisites

A Kubernetes cluster with load balancer service capabilities
kubectl installed and configured to communicate with your Kubernetes cluster
The latest version of Kong Mesh

Create a global control plane in Konnect

From the left navigation menu in Konnect, open Mesh Manager.
Click New Global Control Plane.
Enter example-cp in the Name field and click Save.

You now have a Kong Mesh global control plane. This control plane won’t have any functionality until you connect a zone to it.

Create a zone in the global control plane

After creating the global control plane, you must add a zone to that control plane. Adding a zone allows you to manage services added to that zone and send and receive configuration changes to the zone.

Select the example-cp control plane you just created and then click Create Zone.
Mesh Manager automatically creates a managed service account that is only used to issue a token during the zone creation process.
Enter “zone-1” in the Name field for the new zone, and then click Create Zone & generate token.

Note: The zone name must consist of lower case alphanumeric characters or -. It must also start and end with an alphanumeric character.
Follow the instructions to set up Helm and a secret token. Konnect will automatically start looking for the zone. Once Konnect finds the zone, it will display it.

You now have a very basic Kong Mesh service mesh added to Konnect. This service mesh can only create meshes and policies at the moment, so you need to add services and additional configurations to it.

Install a demo service

Now that you’ve added a global control plane and a zone to your service mesh in Konnect, you can add services to your mesh.

The Kong Mesh Kubernetes demo app sets up four services so you can see how Kong Mesh can be used to control services, monitor traffic, and track resource status:

frontend: A web application that lets you browse an online clothing store
backend: A Node.js API for querying and filtering clothing items
postgres: A database for storing clothing item reviews
redis: A data store for the clothing item star ratings

To add the services to your mesh using the demo app, run the following command:

kubectl apply -f https://raw.githubusercontent.com/kumahq/kuma-demo/master/kubernetes/kuma-demo-aio.yaml

You can see the services the Kubernetes demo app added by navigating to Mesh Manager in the sidebar of Konnect, selecting the example-cp and clicking Meshes in the sidebar. You can view the services associated with that mesh by clicking Default and the Services tab.

For more information about the Kubernetes demo app, see Explore Kong Mesh with the Kubernetes demo app.

Configure `kumactl` to connect to your global control plane

kumactl is a CLI tool that you can use to access Kong Mesh. It can create, read, update, and delete resources in Kong Mesh in Universal/Konnect mode.

You connect kumactl to the global control plane in Konnect so that you can run commands against the control plane.

From the left navigation menu in Konnect, open Mesh Manager and select the example-cp control plane.
Select Configure kumactl from the Global Control Plane Actions dropdown menu and follow the steps in the wizard to connect kumactl to the control plane.
Verify that the services you added from the previous section with the Kubernetes demo app are running correctly:
```
kumactl get dataplanes
```
If your data planes were configured correctly with the demo app, the output should return all four data planes.

You can now issue commands to your global control plane using kumactl. You can see the kumactl command reference for more information about the commands you can use.

Conclusion

By following the instructions in this guide, you’ve created a Kong Mesh global control plane, added a zone to it, configured kumactl to connect to your global control plane, and added services to the mesh.

Next steps

Now that you’ve configured a global control plane, you can continue to configure your service mesh in Konnect by following some of these guides:

Zone Ingress - Set up zone ingress in Kong Mesh.
Zone Egress - Set up zone egress in Kong Mesh.
Mutual TLS - Configure mTLS with Kong Mesh.
Observability - Find out how to configure observability with Kong Mesh.
Traffic Log - Learn how to configure logging with Kong Mesh.